diff --git a/test/integration/targets/subversion/aliases b/test/integration/targets/subversion/aliases index bb18aafa9cb..a021224b739 100644 --- a/test/integration/targets/subversion/aliases +++ b/test/integration/targets/subversion/aliases @@ -1,2 +1,4 @@ shippable/posix/group2 skip/osx +destructive +needs/root diff --git a/test/integration/targets/subversion/defaults/main.yml b/test/integration/targets/subversion/defaults/main.yml new file mode 100644 index 00000000000..86500a31e49 --- /dev/null +++ b/test/integration/targets/subversion/defaults/main.yml @@ -0,0 +1,9 @@ +--- +apache_port: 11386 # cannot use 80 as httptester overrides this +subversion_test_dir: '{{ output_dir }}/svn-test' +subversion_server_dir: /tmp/ansible-svn # cannot use a path in the home dir without userdir or granting exec permission to the apache user +subversion_repo_name: ansible-test-repo +subversion_repo_url: http://127.0.0.1:{{ apache_port }}/svn/{{ subversion_repo_name }} +subversion_repo_auth_url: http://127.0.0.1:{{ apache_port }}/svnauth/{{ subversion_repo_name }} +subversion_username: subsvn_user''' +subversion_password: Password123! diff --git a/test/integration/targets/subversion/files/create_repo.sh b/test/integration/targets/subversion/files/create_repo.sh new file mode 100644 index 00000000000..cc7f40741a2 --- /dev/null +++ b/test/integration/targets/subversion/files/create_repo.sh @@ -0,0 +1,6 @@ +#!/usr/bin/env bash + +svnadmin create "$1" +svn mkdir "file://$PWD/$1/trunk" -m "make trunk" +svn mkdir "file://$PWD/$1/tags" -m "make tags" +svn mkdir "file://$PWD/$1/branches" -m "make branches" diff --git a/test/integration/targets/subversion/meta/main.yml b/test/integration/targets/subversion/meta/main.yml index 07faa217762..c7b09a44c2e 100644 --- a/test/integration/targets/subversion/meta/main.yml +++ b/test/integration/targets/subversion/meta/main.yml @@ -1,2 +1,3 @@ dependencies: - prepare_tests + - setup_passlib diff --git a/test/integration/targets/subversion/tasks/main.yml b/test/integration/targets/subversion/tasks/main.yml index 5631adbd892..c63faca8a86 100644 --- a/test/integration/targets/subversion/tasks/main.yml +++ b/test/integration/targets/subversion/tasks/main.yml @@ -1,123 +1,27 @@ -# test code for the svn module -# (c) 2014, Michael DeHaan +--- +- name: clean out the checkout dir + file: + path: '{{ subversion_test_dir }}' + state: '{{ item }}' + loop: + - absent + - directory -# This file is part of Ansible -# -# Ansible is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation, either version 3 of the License, or -# (at your option) any later version. -# -# Ansible is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with Ansible. If not, see . +- name: setup subversion server + include_tasks: setup.yml -- name: set where to extract the repo - set_fact: checkout_dir={{ output_dir }}/svn +- block: + - name: verify that subversion is installed so this test can continue + shell: which svn -- name: set what repo to use - set_fact: repo=https://github.com/jimi-c/test_role + - name: run tests + include_tasks: tests.yml -- name: clean out the output_dir - shell: rm -rf {{ output_dir }}/* + always: + - name: stop apache after tests + command: apachectl -k stop -f {{ subversion_server_dir }}/subversion.conf -- name: install subversion - package: - name: subversion - when: ansible_distribution != "MacOSX" - -- name: verify that subversion is installed so this test can continue - shell: which svn - -# checks out every branch so using a small repo - -- name: initial checkout - subversion: repo={{ repo }} dest={{ checkout_dir }} - register: subverted - -- debug: var=subverted - -- shell: ls {{ checkout_dir }} - -# FIXME: the before/after logic here should be fixed to make them hashes, see GitHub 6078 -# looks like this: { -# "after": [ -# "Revision: 9", -# "URL: https://github.com/jimi-c/test_role" -# ], -# "before": null, -# "changed": true, -# "item": "" -# } - -- name: verify information about the initial clone - assert: - that: - - "'after' in subverted" - - "subverted.after.1 == 'URL: https://github.com/jimi-c/test_role'" - - "not subverted.before" - - "subverted.changed" - -- name: repeated checkout - subversion: repo={{ repo }} dest={{ checkout_dir }} - register: subverted2 - -- name: verify on a reclone things are marked unchanged - assert: - that: - - "not subverted2.changed" - -- name: check for tags - stat: path={{ checkout_dir }}/tags - register: tags - -- name: check for trunk - stat: path={{ checkout_dir }}/trunk - register: trunk - -- name: check for branches - stat: path={{ checkout_dir }}/branches - register: branches - -- name: assert presence of tags/trunk/branches - assert: - that: - - "tags.stat.isdir" - - "trunk.stat.isdir" - - "branches.stat.isdir" - -- name: checkout with quotes in username - subversion: repo={{ repo }} dest={{ checkout_dir }} username="quoteme'''" - register: subverted3 - -- debug: var=subverted3 - -- name: checkout with export - subversion: repo={{ repo }} dest={{ output_dir }}/svn-export export=True - register: subverted4 - -- name: check for tags - stat: path={{ output_dir }}/svn-export/tags - register: export_tags - -- name: check for trunk - stat: path={{ output_dir }}/svn-export/trunk - register: export_trunk - -- name: check for branches - stat: path={{ output_dir }}/svn-export/branches - register: export_branches - -- name: assert presence of tags/trunk/branches in export - assert: - that: - - "export_tags.stat.isdir" - - "export_trunk.stat.isdir" - - "export_branches.stat.isdir" - - "subverted4.changed" - -# TBA: test for additional options or URL variants welcome + - name: remove tmp subversion server dir + file: + path: '{{ subversion_server_dir }}' + state: absent diff --git a/test/integration/targets/subversion/tasks/setup.yml b/test/integration/targets/subversion/tasks/setup.yml new file mode 100644 index 00000000000..77331bd126b --- /dev/null +++ b/test/integration/targets/subversion/tasks/setup.yml @@ -0,0 +1,61 @@ +--- +- name: load OS specific vars + include_vars: '{{ ansible_os_family }}.yml' + +- name: install SVN pre-reqs + package: + name: '{{ subversion_packages }}' + state: present + +- name: create SVN home folder + file: + path: '{{ subversion_server_dir }}' + state: directory + +- name: set SELinux security context for SVN folder + sefcontext: + target: '{{ subversion_server_dir }}(/.*)?' + setype: '{{ item }}' + state: present + when: ansible_selinux.status == "enabled" + with_items: + - httpd_sys_content_t + - httpd_sys_rw_content_t + +- name: apply new SELinux context to filesystem + command: restorecon -irv {{ subversion_server_dir | quote }} + when: ansible_selinux.status == "enabled" + +- name: template out configuration file + template: + src: subversion.conf.j2 + dest: '{{ subversion_server_dir }}/subversion.conf' + +- name: create a test repository + script: create_repo.sh {{ subversion_repo_name }} + args: + chdir: '{{ subversion_server_dir }}' + creates: '{{ subversion_server_dir }}/{{ subversion_repo_name }}' + +- name: apply ownership for all SVN directories + file: + path: '{{ subversion_server_dir }}' + owner: '{{ apache_user }}' + group: '{{ apache_group }}' + recurse: True + +- name: add test user to htpasswd for Subversion site + htpasswd: + path: '{{ subversion_server_dir }}/svn-auth-users' + name: '{{ subversion_username }}' + password: '{{ subversion_password }}' + state: present + +- name: start test Apache SVN site - non Red Hat + command: apachectl -k start -f {{ subversion_server_dir }}/subversion.conf + when: not ansible_os_family == 'RedHat' + +# On Red Hat based OS', we can't use apachectl to start up own instance, just use the raw httpd +- name: start test Apache SVN site - Red Hat + command: httpd -k start -f {{ subversion_server_dir }}/subversion.conf + when: ansible_os_family == 'RedHat' diff --git a/test/integration/targets/subversion/tasks/tests.yml b/test/integration/targets/subversion/tasks/tests.yml new file mode 100644 index 00000000000..8421f9deca8 --- /dev/null +++ b/test/integration/targets/subversion/tasks/tests.yml @@ -0,0 +1,133 @@ +# test code for the svn module +# (c) 2014, Michael DeHaan + +# This file is part of Ansible +# +# Ansible is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# Ansible is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with Ansible. If not, see . + +# checks out every branch so using a small repo + +- name: initial checkout + subversion: + repo: '{{ subversion_repo_url }}' + dest: '{{ subversion_test_dir }}/svn' + register: subverted + +- name: check if dir was checked out + stat: + path: '{{ subversion_test_dir }}/svn' + register: subverted_result + +# FIXME: the before/after logic here should be fixed to make them hashes, see GitHub 6078 +# looks like this: { +# "after": [ +# "Revision: 9", +# "URL: https://github.com/jimi-c/test_role" +# ], +# "before": null, +# "changed": true, +# "item": "" +# } +- name: verify information about the initial clone + assert: + that: + - "'after' in subverted" + - "subverted.after.1 == 'URL: ' ~ subversion_repo_url" + - "not subverted.before" + - "subverted.changed" + - subverted_result.stat.exists + +- name: repeated checkout + subversion: + repo: '{{ subversion_repo_url }}' + dest: '{{ subversion_test_dir }}/svn' + register: subverted2 + +- name: verify on a reclone things are marked unchanged + assert: + that: + - "not subverted2.changed" + +- name: check for tags + stat: path={{ subversion_test_dir }}/svn/tags + register: tags + +- name: check for trunk + stat: path={{ subversion_test_dir }}/svn/trunk + register: trunk + +- name: check for branches + stat: path={{ subversion_test_dir }}/svn/branches + register: branches + +- name: assert presence of tags/trunk/branches + assert: + that: + - "tags.stat.isdir" + - "trunk.stat.isdir" + - "branches.stat.isdir" + +- name: remove checked out repo + file: + path: '{{ subversion_test_dir }}/svn' + state: absent + +- name: checkout with quotes in username + subversion: + repo: '{{ subversion_repo_auth_url }}' + dest: '{{ subversion_test_dir }}/svn' + username: '{{ subversion_username }}' + password: '{{ subversion_password }}' + register: subverted3 + +- name: get result of checkout with quotes in username + stat: + path: '{{ subversion_test_dir }}/svn' + register: subverted3_result + +- name: assert checkout with quotes in username + assert: + that: + - subverted3 is changed + - subverted3_result.stat.exists + - subverted3_result.stat.isdir + +- name: checkout with export + subversion: + repo: '{{ subversion_repo_url }}' + dest: '{{ subversion_test_dir }}/svn-export' + export: True + register: subverted4 + +- name: check for tags + stat: path={{ subversion_test_dir }}/svn-export/tags + register: export_tags + +- name: check for trunk + stat: path={{ subversion_test_dir }}/svn-export/trunk + register: export_trunk + +- name: check for branches + stat: path={{ subversion_test_dir }}/svn-export/branches + register: export_branches + +- name: assert presence of tags/trunk/branches in export + assert: + that: + - "export_tags.stat.isdir" + - "export_trunk.stat.isdir" + - "export_branches.stat.isdir" + - "subverted4.changed" + +# TBA: test for additional options or URL variants welcome diff --git a/test/integration/targets/subversion/templates/subversion.conf.j2 b/test/integration/targets/subversion/templates/subversion.conf.j2 new file mode 100644 index 00000000000..31e264a0e07 --- /dev/null +++ b/test/integration/targets/subversion/templates/subversion.conf.j2 @@ -0,0 +1,66 @@ +{% if ansible_os_family == "Debian" %} + +{% if ansible_distribution_version == "14.04" %} +{# Ubuntu 14.04 conflicts with existing port 80 so we can't include the default #} +Timeout 300 +KeepAlive On +MaxKeepAliveRequests 100 +KeepAliveTimeout 5 +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} +HostnameLookups Off +LogLevel warn +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf +IncludeOptional conf-enabled/*.conf +IncludeOptional sites-enabled/*conf + + + Require all denied + + +{% else %} +Include /etc/apache2/apache2.conf +{% endif %} + +{% elif ansible_os_family == "FreeBSD" %} +Include /usr/local/etc/apache24/httpd.conf +LoadModule dav_module libexec/apache24/mod_dav.so +LoadModule dav_svn_module libexec/apache24/mod_dav_svn.so +LoadModule authz_svn_module libexec/apache24/mod_authz_svn.so +{% elif ansible_os_family == "Suse" %} +Include /etc/apache2/httpd.conf +LoadModule dav_module /usr/lib64/apache2/mod_dav.so +LoadModule dav_svn_module /usr/lib64/apache2/mod_dav_svn.so +{% elif ansible_os_family == "RedHat" %} +Include /etc/httpd/conf/httpd.conf +{% endif %} + +PidFile {{ subversion_server_dir }}/apache.pid +Listen 127.0.0.1:{{ apache_port }} +ErrorLog {{ subversion_server_dir }}/apache2-error.log + + + DAV svn + SVNParentPath {{ subversion_server_dir }} +{% if ansible_distribution == "CentOS" and ansible_distribution_version.startswith("6") %} + Allow from all +{% else %} + Require all granted +{% endif %} + + + + DAV svn + SVNParentPath {{ subversion_server_dir }} + AuthType Basic + AuthName "Subversion repositories" + AuthUserFile {{ subversion_server_dir }}/svn-auth-users + Require valid-user + diff --git a/test/integration/targets/subversion/vars/Debian.yml b/test/integration/targets/subversion/vars/Debian.yml new file mode 100644 index 00000000000..bf7c2084ac9 --- /dev/null +++ b/test/integration/targets/subversion/vars/Debian.yml @@ -0,0 +1,6 @@ +--- +subversion_packages: +- subversion +- libapache2-svn +apache_user: www-data +apache_group: www-data diff --git a/test/integration/targets/subversion/vars/FreeBSD.yml b/test/integration/targets/subversion/vars/FreeBSD.yml new file mode 100644 index 00000000000..153f52357ae --- /dev/null +++ b/test/integration/targets/subversion/vars/FreeBSD.yml @@ -0,0 +1,7 @@ +--- +subversion_packages: +- apache24 +- mod_dav_svn +- subversion +apache_user: www +apache_group: www diff --git a/test/integration/targets/subversion/vars/RedHat.yml b/test/integration/targets/subversion/vars/RedHat.yml new file mode 100644 index 00000000000..666d229cd92 --- /dev/null +++ b/test/integration/targets/subversion/vars/RedHat.yml @@ -0,0 +1,6 @@ +--- +subversion_packages: +- mod_dav_svn +- subversion +apache_user: apache +apache_group: apache diff --git a/test/integration/targets/subversion/vars/Suse.yml b/test/integration/targets/subversion/vars/Suse.yml new file mode 100644 index 00000000000..eab906ec78d --- /dev/null +++ b/test/integration/targets/subversion/vars/Suse.yml @@ -0,0 +1,6 @@ +--- +subversion_packages: +- subversion +- subversion-server +apache_user: wwwrun +apache_group: www